[Virus] Photo.Zip .. (Résolu!) (1/1)

Connexion au forum informatique de Sur-la-Toile

La discussion « [Virus] Photo.Zip .. » se trouve dans le forum « Virus, troyens, etc... »

	[Virus] Photo.Zip ..
	» Liste des Forums » Virus, troyens, etc... » Discussion

13 messages dans la rubrique Virus, troyens, etc...

9 messages dans la rubrique Dépannage Informatique

Le 1-06-2007 à 21:16 #

Bonjour à tous,

J'ai Reçu le fameux virus photo.Zip , et j'ai suivi les tutoriaux et voici mes rapports ...

Msnfix :

MSN_Fix 1.312

C:\Documents and Settings\David\Bureau\MSNFix\MSNFix
Fix exécuté le 01/06/2007 - 21:03:59,32 By David
mode normal

************************ Recherche les fichiers présents

... C:\Install_Messenger.exe

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Suppression des fichiers

.. OK ... C:\Install_Messenger.exe

************************ Nettoyage du registre
.......... OK

************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\photos.zip] 0A8A9FA51189AFABDDE85877FE6369BD
[C:\WINDOWS\system32\FireStorm.scr] 92DF37FDE3AAEED4AB8555FEF88BD91D
[C:\WINDOWS\system32\ygpss.scr] FDF159E6C4EE927B245C4B1C83882C10
[C:\Cyclone.scr] 93310D28ABC04DCAF1213E76D559805F
[C:\Euphoria.scr] 852984B545A6D980D439277F16DC73C7
[C:\FieldLines.scr] 4BC14A9C4B8D9632D8FF2258169B5389
[C:\Flocks.scr] 439A34FDAED484E73027A204C4D0D8AE
[C:\Flux.scr] 45D2CC4371F03A64F6DDFE95B1A68017
[C:\Helios.scr] 2C75F551D2D589D5841C4E3FE587BB7F
[C:\Hyperspace.scr] B3169652952B3ED9DE37C8CEC992A666
[C:\Lattice.scr] 1977E1A3B8B70D673443793E21DE6516
[C:\Plasma.scr] E28A4F1DC3B9CFA10C722E03D6BDA721
[C:\Skyrocket.scr] 4D45231A82766FA46DD09EAEAE8F9234
[C:\SolarWinds.scr] 666F1FEE7A5D33E3ABB1408A07332517
[C:\really-slick-screensavers_really_slick_screensavers_anglais_15298.zip]

D0C134A16880584CE7D84007E58B0967
[C:\VirtualDub-1.7.1.zip] 8EC522ADC5296BC9D8A97EEBC9261C1F

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 01062007_21043923.zip

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://246694.aceboard.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Clean :
01/06/2007 a 20:54:18,40

*** Recherche des fichiers dans C:
C:\autorun.inf FOUND
C:\setup.exe FOUND
C:\setup.exe FOUND

*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\temp\mc???.tmp FOUND

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\SpoonUninstall.exe FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Accoona\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !

hijackthis : Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:08:07, on 01/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\r_server.exe
C:\WINDOWS\system32\CAP3RSK.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\CAP3SWK.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\EXPLORER.EXE
C:\Documents and Settings\David\Bureau\test.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat

6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -

C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} -

c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: (no name) - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [MPFEXE] "C:\Program Files\McAfee.com\Personal Firewall\MPFTray.exe"
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} -

http://www.emusic.com?fref=149133 (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -

http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -

http://download.mcafee.com/molbin/shared/mcinsctl/fr/4,0,0,90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -

http://download.mcafee.com/molbin/shared/mcgdmgr/fr/1,0,0,23/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D078488-CBE1-403E-A51F-8651D3B56F97}: NameServer =

192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4A1BF244-4F15-4019-AB46-8D3C414FBAFE} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: syshosts - {2B89BD3B-580C-49CD-8791-204948FBEA23} - syshosts.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} -

C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant -

{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil

Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil

Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd -

C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner -

C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner -

C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service (iPodService) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner -

C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation -

C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner -

C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner -

C:\WINDOWS\system32\r_server.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner -

C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner -

C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner -

C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 19984 bytes

Merci d'avance , j'espere que vous pourrez m'aider ...

11658 messages dans la rubrique Dépannage Informatique

4155 messages dans la rubrique Virus, troyens, etc...

31 ans.

Le 1-06-2007 à 21:19 #

salut et bienvenue sur la toile

supprime dans C:\WINDOWS\ >> photos.zip.

redemarre en mode sans echec (touche F8 au demarrage)

lance clean.zip et choisit l'option 2

en mode normal post nous ton rapport dans ton prochain message

A++

[ Ce message a été modifié par : : lolo73 le 01-06-2007 21:21 ]

Le 1-06-2007 à 21:29 #

Voila voila

Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 01/06/2007 a 21:23:11,21

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:
tentative de suppression de C:\autorun.inf
tentative de suppression de C:\setup.exe

*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\temp\mc???.tmp
Impossible de supprimer C:\WINDOWS\temp\mc???.tmp

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\SpoonUninstall.exe

*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Accoona\"
tentative de suppression de "C:\Program Files\Viewpoint\"

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !

7383 messages dans la rubrique Virus, troyens, etc...

2307 messages dans la rubrique Dépannage Informatique

286 messages dans la rubrique Hors sujet

16 ans.

Le 1-06-2007 à 21:38 #

démarrer >> rechercher >> tous les dossiers/fichiers ( valdier la recherche dans les dossiers/fichiers cachés ) et supprimer si présent

photo album.zip

Le 1-06-2007 à 21:41 #

Recherche effectuée , Aucun fichier trouvés

16 ans.

Le 1-06-2007 à 21:41 #

et avec photos.zip ?

Le 2-06-2007 à 00:58 #

Non plus , et plus aucun soucis avec MSN . Un grand merci a toute l'équipe , et longue vie a la toile ...

» Liste des Forums » Virus, troyens, etc...

Navigation

Connectés

Il y a actuellement 402 visiteurs et 14 toiliens en ligne.

Recherche

Concours

Partenaires

Sauf mention contraire, le contenu du blog et du forum est sous licence Creative Commons By-Sa. Vous avez le droit de le reproduire à condition de citer l'auteur, de faire un lien vers la page d'origine, et de partager vos travaux dérivés selon les mêmes conditions.

Conditions d'utilisation -

Partenaires: [Informatique Multimédia] [Portail du Maroc] [Actualité High Tech]
[Tutoriaux Photoshop] [éligibilité ADSL] [Astuces Windows]

Page générée en 153 millisecondes sur WWW2.

[Virus] Photo.Zip ..

Participer! →

DarkSpirit →

Le 1-06-2007 à 21:16 #

lolo73 →

Le 1-06-2007 à 21:19 #

DarkSpirit →

Le 1-06-2007 à 21:29 #

thegame →

Le 1-06-2007 à 21:38 #

DarkSpirit →

Le 1-06-2007 à 21:41 #

thegame →

Le 1-06-2007 à 21:41 #

DarkSpirit →

Le 2-06-2007 à 00:58 #

Participer! →

Sujets Connexes

Arakien & WéWé

Du nouveau ?

Forums

Navigation

Publicité

Connectés

Recherche

Concours

Partenaires